Skip to content
Toolradar
Checkmarx logo

Checkmarx

UnclaimedEditor reviewed

Application security testing platform

SecurityDeveloper ToolsTesting & QADevOps
Visit Website
Reviews onG2Capterra
65 reviews tracked

The Bottom Line

Entry price

Paid plans only

Biggest pro

Enterprise SAST

Biggest con

Very expensive

TL;DR - Checkmarx

  • Checkmarx is an enterprise application security testing platform for finding vulnerabilities in code
  • It provides SAST, SCA, and DAST scanning integrated into CI/CD pipelines
  • Custom enterprise pricing based on codebase size and scanning requirements
Pricing: Paid only
Best for: Enterprises & pros
4.2/5 across review platforms

What is Checkmarx?

Editorial review
Checkmarx scans code for security vulnerabilities throughout the development process. Static analysis finds issues in source code. Dependency scanning catches vulnerable packages. Everything integrates into CI/CD. The platform covers the full application security stack. Findings prioritize by risk. Developer tools make fixing issues part of the workflow. Enterprise development organizations with security requirements choose Checkmarx for comprehensive application security testing at scale.

Available on: Web

how we evaluateSourcecheckmarx.com

Pros & Cons

Pros

  • Enterprise SAST
  • Good vulnerability detection
  • CI/CD integration
  • Compliance support
  • Many languages

Cons

  • Very expensive
  • False positives
  • Learning curve
  • Complex setup
  • Slow scans

Ratings Across the Web

4.2(65 reviews)
G258 reviews
4.4/5
Capterra7 reviews
3.9/5

Ratings aggregated from independent review platforms. Learn more

Key Features

SASTSCAIASTAPI securityIaC scanningEnterprise

Pricing Plans

Free Trial

Pricing checked May 29, 2026

Essentials

null

Core AppSec

  • SAST
  • SCA
  • API Security
  • ASPM dashboard

Professional

null

Expanded coverage

  • All Essentials
  • DAST
  • Container Security
  • Malicious package protection

Enterprise

null

Complete solution

  • All Professional
  • IaC Security
  • Secrets Detection
  • Codebashing training
Calculate your costView full pricing

Reviews

4.2/5

Across 65 verified user reviews on G2, Capterra

Add your hands-on experience to help the next buyer.

Write a Toolradar review

Best Checkmarx Alternatives

Top alternatives based on features, pricing, and user needs.

Fortify logo
FortifyFreemium

Comprehensive application security testing for identifying and remediating vulnerabilities.

4.7
Snyk logo
SnykFreemium

Secure your code, dependencies, containers, and IaC from dev to production

4.5
Veracode logo
VeracodePaid

Application security testing platform

4.1
SonarQube logo
SonarQubeFreemium

Automated code review for bugs, vulnerabilities, and code smells

4.5
See all Security tools →

Still deciding?

Most buyers shortlist 2 or 3 tools before committing. Pull a side-by-side comparison or browse the full alternatives shortlist below.

Checkmarx vs FortifyHead-to-head: features, pricing, who winsCheckmarx vs SnykHead-to-head: features, pricing, who winsCheckmarx vs VeracodeHead-to-head: features, pricing, who wins

Explore More

Best Security ToolsBest Developer Tools ToolsBest Testing & QA ToolsBest DevOps Tools

Checkmarx FAQ

What is Checkmarx?

Checkmarx is an enterprise application security testing (AST) platform that helps developers find and fix security vulnerabilities in their code through SAST, SCA, DAST, and more.

How much does Checkmarx cost?

Checkmarx uses custom enterprise pricing based on your organization's needs. Contact their sales team for a quote tailored to your requirements.

What is SAST in Checkmarx?

SAST (Static Application Security Testing) analyzes your source code to find security vulnerabilities without running the application, catching issues early in development.

Does Checkmarx support multiple languages?

Yes, Checkmarx supports 30+ programming languages including Java, JavaScript, Python, C#, Go, PHP, Ruby, and many others.

Can Checkmarx integrate with CI/CD pipelines?

Yes, Checkmarx integrates with popular CI/CD tools like Jenkins, GitHub Actions, GitLab CI, Azure DevOps, and others to automate security scanning in your workflow.

Source: checkmarx.com

Guides & Articles

Best Compliance Management Software in 2026

Expert guide

Best Secrets Management Tools in 2026

Expert guide

Best AI Terminal Coding Agents in 2026

Expert guide